NSX|P: Initial admin utilities

Adding the infrastracture for the policy plugin admin utils with one
example utility to list the security groups, networks & routers.

Depend-on: I10a3f691b33e37e1cd8ec8094f4bfa89d7a96f35
Change-Id: I8094b241255537a1668837ed4ca1dad8094dcc41
This commit is contained in:
Adit Sarfaty 2018-10-02 15:51:07 +03:00
parent ff6c595b90
commit f7795e275d
11 changed files with 274 additions and 0 deletions

View File

@ -573,6 +573,20 @@ NSXtvd Plugin
nsxadmin -r projects -o nsx-migrate-v-v3 --property project-id=<V project ID> --property external-net=<T external network ID> (--property from-file=True) nsxadmin -r projects -o nsx-migrate-v-v3 --property project-id=<V project ID> --property external-net=<T external network ID> (--property from-file=True)
NSX Policy Plugin
-----------------
- List all the neutron security groups together with their NSX Policy objects and realization state::
nsxadmin -r security-groups -o list
- List all the neutron networks together with their NSX Policy objects and realization state::
nsxadmin -r networks -o list
- List all the neutron routers together with their NSX Policy objects and realization state::
nsxadmin -r routers -o list
Upgrade Steps (NSX-T Version 1.0.0 to Version 1.1.0) Upgrade Steps (NSX-T Version 1.0.0 to Version 1.1.0)
---------------------------------------------------- ----------------------------------------------------

View File

@ -17,11 +17,13 @@ NEUTRON_CONF = '/etc/neutron/neutron.conf'
NSX_INI = '/etc/neutron/plugins/vmware/nsx.ini' NSX_INI = '/etc/neutron/plugins/vmware/nsx.ini'
# NSX Plugin Constants # NSX Plugin Constants
NSXP_PLUGIN = 'vmware_nsx.plugin.NsxPolicyPlugin'
NSXV3_PLUGIN = 'vmware_nsx.plugin.NsxV3Plugin' NSXV3_PLUGIN = 'vmware_nsx.plugin.NsxV3Plugin'
NSXV_PLUGIN = 'vmware_nsx.plugin.NsxVPlugin' NSXV_PLUGIN = 'vmware_nsx.plugin.NsxVPlugin'
NSXTVD_PLUGIN = 'vmware_nsx.plugin.NsxTVDPlugin' NSXTVD_PLUGIN = 'vmware_nsx.plugin.NsxTVDPlugin'
VMWARE_NSXV = 'vmware_nsxv' VMWARE_NSXV = 'vmware_nsxv'
VMWARE_NSXV3 = 'vmware_nsxv3' VMWARE_NSXV3 = 'vmware_nsxv3'
VMWARE_NSXP = 'vmware_nsxp'
VMWARE_NSXTVD = 'vmware_nsxtvd' VMWARE_NSXTVD = 'vmware_nsxtvd'
# Common Resource Constants # Common Resource Constants

View File

@ -0,0 +1,48 @@
# Copyright 2018 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron_lib import context
from vmware_nsx.shell.admin.plugins.common import constants
from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
from vmware_nsx.shell.admin.plugins.nsxp.resources import utils as p_utils
@admin_utils.list_handler(constants.NETWORKS)
@admin_utils.output_header
def list_networks(resource, event, trigger, **kwargs):
"""List neutron networks
With the NSX policy resources and realization state.
"""
mappings = []
nsxpolicy = p_utils.get_connected_nsxpolicy()
ctx = context.get_admin_context()
with p_utils.NsxPolicyPluginWrapper() as plugin:
nets = plugin.get_networks(ctx)
for net in nets:
# skip non-backend networks
if plugin._network_is_external(ctx, net['id']):
continue
segment_id = plugin._get_network_nsx_segment_id(ctx, net['id'])
status = p_utils.get_realization_info(
nsxpolicy.segment, segment_id)
mappings.append({'ID': net['id'],
'Name': net.get('name'),
'Project': net.get('tenant_id'),
'NSX status': status})
p_utils.log_info(constants.NETWORKS,
mappings,
attrs=['Project', 'Name', 'ID', 'NSX status'])
return bool(mappings)

View File

@ -0,0 +1,44 @@
# Copyright 2018 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron_lib import context
from vmware_nsx.shell.admin.plugins.common import constants
from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
from vmware_nsx.shell.admin.plugins.nsxp.resources import utils as p_utils
@admin_utils.list_handler(constants.ROUTERS)
@admin_utils.output_header
def list_routers(resource, event, trigger, **kwargs):
"""List neutron routers
With the NSX policy resources and realization state.
"""
mappings = []
nsxpolicy = p_utils.get_connected_nsxpolicy()
ctx = context.get_admin_context()
with p_utils.NsxPolicyPluginWrapper() as plugin:
routers = plugin.get_routers(ctx, fields=['id', 'name', 'tenant_id'])
for rtr in routers:
status = p_utils.get_realization_info(
nsxpolicy.tier1, rtr['id'])
mappings.append({'ID': rtr['id'],
'Name': rtr.get('name'),
'Project': rtr.get('tenant_id'),
'NSX status': status})
p_utils.log_info(constants.ROUTERS,
mappings,
attrs=['Project', 'Name', 'ID', 'NSX status'])
return bool(mappings)

View File

@ -0,0 +1,50 @@
# Copyright 2018 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron.db import securitygroups_db
from neutron_lib import context
from vmware_nsx.shell.admin.plugins.common import constants
from vmware_nsx.shell.admin.plugins.common import utils as admin_utils
from vmware_nsx.shell.admin.plugins.nsxp.resources import utils as p_utils
neutron_client = securitygroups_db.SecurityGroupDbMixin()
@admin_utils.list_handler(constants.SECURITY_GROUPS)
@admin_utils.output_header
def list_security_groups(resource, event, trigger, **kwargs):
"""List neutron security groups
With the NSX policy resources and realization state.
"""
mappings = []
nsxpolicy = p_utils.get_connected_nsxpolicy()
ctx = context.get_admin_context()
sgs = neutron_client.get_security_groups(ctx)
for sg in sgs:
domain_id = sg['tenant_id']
map_status = p_utils.get_realization_info(
nsxpolicy.comm_map, domain_id, sg['id'])
group_status = p_utils.get_realization_info(
nsxpolicy.group, domain_id, sg['id'])
mappings.append({'ID': sg['id'],
'Name': sg.get('name'),
'Project': domain_id,
'NSX Group': group_status,
'NSX Map': map_status})
p_utils.log_info(constants.SECURITY_GROUPS,
mappings,
attrs=['Project', 'Name', 'ID', 'NSX Group', 'NSX Map'])
return bool(mappings)

View File

@ -0,0 +1,81 @@
# Copyright 2018 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron.db import l3_dvr_db # noqa
from neutron_lib import context
from neutron_lib.plugins import constants as const
from neutron_lib.plugins import directory
from oslo_log import log as logging
from vmware_nsx.plugins.nsx_p import plugin
from vmware_nsx.plugins.nsx_v3 import utils as v3_utils
from vmware_nsx.shell.admin.plugins.common import formatters
LOG = logging.getLogger(__name__)
_NSXPOLICY = None
def get_nsxp_client(nsx_username=None, nsx_password=None,
use_basic_auth=False):
return get_connected_nsxpolicy(nsx_username,
nsx_password,
use_basic_auth).client
def get_connected_nsxpolicy(nsx_username=None, nsx_password=None,
use_basic_auth=False):
global _NSXPOLICY
# for non-default agruments, initiate new lib
if nsx_username or use_basic_auth:
return v3_utils.get_nsxpolicy_wrapper(nsx_username,
nsx_password,
use_basic_auth)
if _NSXPOLICY is None:
_NSXPOLICY = v3_utils.get_nsxpolicy_wrapper()
return _NSXPOLICY
def log_info(resource, data, attrs=['display_name', 'id']):
LOG.info(formatters.output_formatter(resource, data, attrs))
def get_realization_info(resource, *realization_args):
try:
nsx_info = resource.get_realization_info(*realization_args)
if not nsx_info:
info_text = "MISSING"
else:
state = nsx_info.get('state')
nsx_id = nsx_info.get('realization_specific_identifier')
info_text = "%s (ID: %s)" % (state, nsx_id)
except Exception as e:
LOG.warning("Failed to get realization info for %s(%s): %s",
resource, str(realization_args), e)
info_text = "UNKNOWN"
return info_text
class NsxPolicyPluginWrapper(plugin.NsxPolicyPlugin):
def __init__(self):
super(NsxPolicyPluginWrapper, self).__init__()
self.context = context.get_admin_context()
def __enter__(self):
directory.add_plugin(const.CORE, self)
return self
def __exit__(self, exc_type, exc_value, traceback):
directory.add_plugin(const.CORE, None)

View File

@ -81,6 +81,10 @@ def _validate_resource_choice(resource, nsx_plugin):
LOG.error('Supported list of NSX-TVD resources: %s', LOG.error('Supported list of NSX-TVD resources: %s',
resources.nsxtvd_resources_names) resources.nsxtvd_resources_names)
sys.exit(1) sys.exit(1)
elif nsx_plugin == 'nsxp'and resource not in resources.nsxp_resources:
LOG.error('Supported list of NSX-P resources: %s',
resources.nsxp_resources_names)
sys.exit(1)
def _validate_op_choice(choice, nsx_plugin): def _validate_op_choice(choice, nsx_plugin):
@ -108,6 +112,14 @@ def _validate_op_choice(choice, nsx_plugin):
'resource %s', supported_resource_ops) 'resource %s', supported_resource_ops)
sys.exit(1) sys.exit(1)
elif nsx_plugin == 'nsxp':
supported_resource_ops = \
resources.nsxp_resources[cfg.CONF.resource].supported_ops
if choice not in supported_resource_ops:
LOG.error('Supported list of operations for the NSX-P '
'resource %s', supported_resource_ops)
sys.exit(1)
def _validate_plugin_choice(selected_plugin, nsx_plugin): def _validate_plugin_choice(selected_plugin, nsx_plugin):
if nsx_plugin == 'nsxtvd': if nsx_plugin == 'nsxtvd':

View File

@ -237,9 +237,19 @@ nsxtvd_resources = {
Operations.NSX_MIGRATE_V_V3.value]), Operations.NSX_MIGRATE_V_V3.value]),
} }
nsxp_resources = {
constants.SECURITY_GROUPS: Resource(constants.SECURITY_GROUPS,
[Operations.LIST.value]),
constants.NETWORKS: Resource(constants.NETWORKS,
[Operations.LIST.value]),
constants.ROUTERS: Resource(constants.ROUTERS,
[Operations.LIST.value]),
}
nsxv3_resources_names = list(nsxv3_resources.keys()) nsxv3_resources_names = list(nsxv3_resources.keys())
nsxv_resources_names = list(nsxv_resources.keys()) nsxv_resources_names = list(nsxv_resources.keys())
nsxtvd_resources_names = list(nsxtvd_resources.keys()) nsxtvd_resources_names = list(nsxtvd_resources.keys())
nsxp_resources_names = list(nsxp_resources.keys())
def get_resources(plugin_dir): def get_resources(plugin_dir):
@ -257,6 +267,8 @@ def get_plugin():
plugin_name = 'nsxv' plugin_name = 'nsxv'
elif plugin in (constants.NSXTVD_PLUGIN, constants.VMWARE_NSXTVD): elif plugin in (constants.NSXTVD_PLUGIN, constants.VMWARE_NSXTVD):
plugin_name = 'nsxtvd' plugin_name = 'nsxtvd'
elif plugin in (constants.NSXP_PLUGIN, constants.VMWARE_NSXP):
plugin_name = 'nsxp'
return plugin_name return plugin_name

View File

@ -37,6 +37,7 @@ from vmware_nsx.shell.admin.plugins.nsxv.resources import utils as nsxv_utils
from vmware_nsx.shell.admin.plugins.nsxv3.resources import utils as nsxv3_utils from vmware_nsx.shell.admin.plugins.nsxv3.resources import utils as nsxv3_utils
from vmware_nsx.shell import resources from vmware_nsx.shell import resources
from vmware_nsx.tests import unit as vmware from vmware_nsx.tests import unit as vmware
from vmware_nsx.tests.unit.nsx_p import test_plugin as test_p_plugin
from vmware_nsx.tests.unit.nsx_v import test_plugin as test_v_plugin from vmware_nsx.tests.unit.nsx_v import test_plugin as test_v_plugin
from vmware_nsx.tests.unit.nsx_v3 import test_plugin as test_v3_plugin from vmware_nsx.tests.unit.nsx_v3 import test_plugin as test_v3_plugin
from vmware_nsxlib.v3 import core_resources from vmware_nsxlib.v3 import core_resources
@ -311,3 +312,13 @@ class TestNsxtvdAdminUtils(AbstractTestAdminUtils):
def test_nsxtv_resources(self): def test_nsxtv_resources(self):
self._test_resources(resources.nsxtvd_resources) self._test_resources(resources.nsxtvd_resources)
class TestNsxpAdminUtils(AbstractTestAdminUtils,
test_p_plugin.NsxPPluginTestCaseMixin):
def _get_plugin_name(self):
return 'nsxp'
def test_nsxp_resources(self):
self._test_resources(resources.nsxp_resources)